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31 AMENDMENTS TO THE CLAIMS 

32 Please amend the claims as follows: 
33 

34 1 . (Presently Amended) A method for use in cable systems, the method for 

35 forwarding messages containing cryptographic keys from multiple onoor mor e access sytems 

36 that control a population of set-top boxes to an encryption renewal system, the method 

37 comprising; 

38 storing a single fictitious address of a virtual set-top box^ said fictitious 

39 address being identical for each of said multiple access systems : 

40 generating a firat mossago, baaed on tho fiotitioufl addres s , th e m ess ag e 

41 containing a firot ontptopraphic k e y: an d unique key within each of said multiple access 

42 systems as a funtion of the identity of each particular access system: 

43 encrypting said unique key for each of said multiple 3x;c€ss systems: 

44 encapsulating each of said encrypted unique keys in a message encoded to be 

45 forwarded to said single 

46 for^varding tho firat m e s s ag e to th e fictitious address of the virtual oot top bojt . 

1 2. (Presently Amended) The method of claim I jfurther comprising receiving 

2 the encoded fe st-message by the encryption renewal system which has infonnation regarding 

3 the fictitious address. 

1 3. (Presently Amended) The method of claim Error! Reference source not 

2 found, further comrising deriving by the encryption renewal system the first cryptographic 

3 key fi^m the encoded first message, 

1 4. (Presently Amended) The method of claim Error! Reference source not 

2 found, further comprising forwarding to a subscriber set-top box, a control message 

3 containing information having the first cryprographic key for allowing the set-top box to 

4 decrypt tbe pre-encrypted content for a designated duration. 

1 5. (Presently Canceled) The method of claim 1 wherein the steps of storing, 

2 generating and forwarding are performed by a first conditional access system. 
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1 6- (Presently Canceled) The method of claim 5 wherein the virtual set-top box 

2 appears to the first conditional access system as one of the population of set-top boxes within 

3 its control. 

1 7, (Presently Canceled) The method of claim 5 further comprising, 

2 storing, by a second conditional access system, the fictitious address of the 

3 virtual set-top box; 

4 generating, by the second conditional access system, a second message having 

5 a second cryptographic key; and 

6 forwarding, by the second conditional access system, the second message to 

7 the fictitious address. 

1 8. (Presently Canceled) The system of claim 7 wherein the first and second 

2 conditional access systems forward the first and second control messages to the same virtual 

3 set-top box, 

1 9. (Presently Canceled) A conditional access system controlling a population 

2 of set-top boxes, the conditional access system compiising: 

3 one or more software instructions for storing a virtual set-top box address 

4 appearing as part of the population of set-top boxes; 

5 one or more software instmtions for generating an entitlement management 

6 message having a periodical key for controling both the population of set-top boxes and the 

7 virtual set-top box; and 

8 one or more software instructions for forwarding the entitlement management 

9 message to the virtual set-top box address, 

1 10. (Presently Canceled) The conditional access system of claim 9 wherein the 

2 virtual set-top box address is unique and no collisions occur with addresses of the population 

3 of set-top boxes. 

1 1, (Presently Canceled) An encryption renewal system, comprising: 

2 one or more software instructions for storing information relating to a virtual 

3 set'top address; 
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4 one or more software instructions for receiving from a first conditional access 

5 system a first entitlement management message having a cryptographic key, the entitlement 

6 management message being intended for receipt by the virtual set-top address; and 

7 one or more software instructions for deriving the cryptographic key from the 

8 entitlement management message. 

1 12. (Presently Canceled) The encryption renewal system of claim 1 1 further 

2 comprising one or more software instructions for detennining that the entitlement 

3 management message is from the first conditional access system. 

1 13. (Presently Canceled) The encryption renewal system of claim 1 1 wherein 

2 the cryptographic key is a first periodical key through which the first conditional access 

3 system controls a first population of set-top boxes, 

1 14. (Presently Canceled) The encryption renewal system of claim 1 1 further 

2 comprising 

3 one or more software instructions for receiving from a second conditional 

4 access system a second entitlement management message having a cryptographic key, the 

5 entitlement control message being intended for receipt by the virtual set-top address; and 

6 one or more sofhvare instructions for deriving the cryptographic key from the 

7 entitlement control message, 

1 15. (Presently Canceled) The encryption renewal system of claim 13 further 

2 comprising a second periodical key through which the second conditional access system 

3 controls a second population of set-top boxes. 

1 16. (Presently Canceled) The encryption renewal system of claim 13 further 

2 comprising a database associated with the first conditional access system of a first video on 

3 demand system, and a second conditional access system of a second video on demand 

4 system. 

1 17. (Presently Canceled) The encryption renewal system of claim 13 flirther 

2 comprising a database for storing the first periodical key of the first conditional access 

3 system, and for storing a second periodical key of a second conditional access system. 
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1 18. (Presently Canceled) A conditional access system controlling a population 

2 of set- top boxes, the conditional access system comprising: 

3 means for storing a virtual set-top box address which appears as part of the 

4 population of set-top boxes; 

5 means for generating an entitlement management message having a periodical 

6 key through which the conditional access system controls the population of set-top boxes; 

7 and 

S means for forwarding the entitlement management message to the virtual set- 

9 top box address. 

1 19. (Presently Canceled) The conditional access system of claim 9 wherein the 

2 virtual set-top box address is unique to prevent collisions. 

1 20. (Presently Canceled) An encryption renewal system, comprising; 

2 means for storing information relating to a virtual set-top address; 

3 means for receiving from a first conditional access system, a first entitlement 

4 management message having a cr3TDtographic key, the entitlement control message being 

5 intended for receipt by the virtual set-top address; and 

6 means for deriving the cryptographic key from the entitlement management 

7 message, 

1 21. The encryption renewal system of claim 1 1 further comprising means 

2 for determining that the entitlement management message is from the first conditional access 

3 system. 

1 22, (Presently CanceIed)A system for denying access to second pre-encrypted 

2 content generated by a compromised off-line encryption device, the system comprising: 

3 the off-line encryption device having one or more software instructions for 

4 encrypting content to form a first pre-encrypted content and an associated first encryption 

5 record having a first time stamp; and 

6 an encryption renewal system having 

7 one or more software instructions for receiving a signal indicating the 

8 first time stamp as a last authorized time stamp, 
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9 one or more software instructions for receiving a request to access the 

10 second pre-encrypted content, the request being accompanied by a second encryption record 

1 1 having a second time stamp; and 

1 2 one or more software instructions for determining whether the second 

1 3 time stamp predates or is contemporaneous to the first time stamp, if yes, granting the request 

14 to access the second pre-encrypted content, and if the second time stamp is subsequent to the 

1 5 first time stamp, denying the request to access the second pre-encrypted conteni. 

1 23. (Not Elected) The system of claim 22 wherein the request is for an 

2 entitlement control message having information about a periodical key for accessing the 

3 second pre-encrypted content. 

1 24. (Not Elected) An encryption renewal system for controlling access to pre- 

2 encrypted content generated by an encryption device, the system comprising: 

3 one or more software instructions for receiving a request to retrofit an 

4 entitlement control message that allows a home device to access pre-encrypted content; 

5 one or more software instructions for retrofitting the entitlement control 

6 message only after verifying that the pre-encrypted content was generated prior to or 

7 contemporaneous with a first authorized timestamp, 

1 25, (Not Elected) The encryption renewal system of claim 24 wherein the 

2 request for the entitlement control message is accompanied by an encryption record having a 

3 second time stamp. 

1 26. (Not Elected) The encryption renewal system of claim 25 wherein the 

2 second time stamp indicates when the pre-encrypted content was generated. 

1 27. (Not Elected) An encryption renewal system for controlling access to pre- 

2 encrypted content generated by an encryption device, the system comprising; 

3 means for receiving a request for an entitlement control message that allows a 

4 home device to access pre-encrypted content; 

5 means for generatitig the entitlement control message only after verifying that 

6 the pre-encrypted conteni was generated prior to or contemporaneous with a first authorized 

7 times tamp. 
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1 28. (Not Elected) The encryption renewal system of claim 22 wherein the first 

2 encryption record is secured by a cryptographic signature. 

1 29. (Not Elected) An offline encryption device comprising: 

2 one or more software instructions for generating a first time stamp marking 

3 when a first encrypted content is generated; and 

4 one or more software instructions for generating a second time stamp marking 

5 when a second encrypted content is generated, such that if the first time stamp is last 

6 authorized, the second encrypted content is decrypt-able only if the second time stamp is 

7 prior to or contemporaneous with the first time stamp. 

1 30, (Not Elected) The system of claim 29 further comprising one or more 

2 software instructions for generating an encryption record having the first time stamp. 

1 3 1 . (Not Elected) The system of 29 further comprising an encryption renewal 

2 system for receiving a signal providing that the first time stamp is the last authorized time 

3 stamp. 

1 32. (Not Elected) The system of claim 30 further comprising a video on 

2 demand system for forwarding a request to the encryption renewal system to access the 

3 second encrypted content. 

1 33. (Not Elected) The system of claim 32 wherein the request is for an 

2 entitlement control message for retrofitting the second encrypted content. 

1 34, (Not Elected) An offline encryption device comprising: 

2 means for generating a first time stamp marking when a first encrypted content 

3 is generated; and 

4 means for generating for generating a second time stamp marking when a 

5 second encrypted content is generated, such that if the first time stamp is last authorized, the 

6 second encrypted content is decrypt-able only if the second time stamp is prior to or 

7 contemporaneous with the first time stamp. 

35. (Not Elected) The system of claim 29 further comprising means for 



generating an encryption record having the fu-st time stamp. 
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